Triage

At the time of writing, in 2009, it is commonplace for digital forensic units to have a backlog, several as long as twelve months. Many units have increased in size but have still continued to have a backlog and it is suggested that bringing more staff into a unit will not on its own reduce the backlog of work. This paper discusses how cases submitted to units can be assessed and prioritised, and how software triage can be used to target resources more efficiently.

Computer Forensics Case Assessment and Triage Discussion Paper

and mentioned within the paper a prioritisation matrix.

The author invites discussion on this topic and would welcome any comments on how the issues are dealt with within other units.